/etc/apt/sources.list
会列出发布 Debian 软件包的不同仓库。接下来 APT 会从每一个软件源导入所发布的软件包列表。在二进制包的场景下,这个过程是通过下载 Packages.xz
文件或其它使用不同压缩方式的文件(比如 Packages.gz
或者 .bz2
),并分析它们的内容来完成。在源码包的场景下,APT 下载 Sources.xz
文件或其它使用了不同压缩方式的文件。当这些文件的旧版本已经存在的时候,APT 仅下载更新的部分(见补充说明 提示 增量更新)。
/etc/apt/sources.list
文件里处于激活状态每一行都代表一个软件包源(仓库),并且至少由空格分隔的三个部分组成。详细的文件格式和允许的条目组成参见 sources.list(5)。
例 6.1. /etc/apt/sources.list
的格式样例
deb url distribution component1 component2 component3 [..] componentX deb-src url distribution component1 component2 component3 [..] componentX
deb
deb-src
Packages.xz
files, it must give a full and valid URL. This can consist in a Debian mirror or in any other package archive set up by a third party. The URL can start with file://
to indicate a local source installed in the system's file hierarchy, with http://
or https://
to indicate a source accessible from a web server, or with ftp://
or ftps://
for a source available on an FTP server. The URL can also start with cdrom:
for CD-ROM/DVD/Blu-ray disc based installations, although this is less frequent, since network-based installation methods are eventually more common. More methods like ssh://
or tor+http(s)://
are supported and are either described in sources.list(5) or their respective apt-transport-method package documentation.
./
” which refers to the absence of a subdirectory. The packages are then directly at the specified URL. But in the most common case, the repositories will be structured like a Debian mirror, with multiple distributions, each having multiple components. In those cases, name the chosen distribution by its “codename” — see the list in sidebar 社区 Bruce Perens,一位有争议的领导者 — or by the corresponding “suite” (oldoldstable
, oldstable
, stable
, testing
, unstable
) and then the components to enable. A typical Debian mirror provides the components main
, contrib
, and non-free
.
cdrom
条目表示 CD、DVD 光盘。 跟其他条目不同,CD 光盘需要插入光驱中,并且每次只能读一张,所以并不总是可用。因此这种仓库管理起来稍有不同,需要用到 apt-cdrom
程序,经常与 add
参数一起执行。它会要求光驱中插入光盘,然后会浏览内容,寻找 Packages
文件。这些文件会用于更新可用软件包数据库(此过程由 apt update
命令完成)。自此,如果某些软件包需要光盘,APT 可发出插入光驱的要求。
sources.list
文件:
例 6.2. 给 Debian 稳定版用户的 /etc/apt/sources.list
文件
# Security updates deb http://security.debian.org/ bullseye-security main contrib non-free deb-src http://security.debian.org/ bullseye-security main contrib non-free ## Debian mirror # Base repository deb https://deb.debian.org/debian bullseye main contrib non-free deb-src https://deb.debian.org/debian bullseye main contrib non-free # Stable updates deb https://deb.debian.org/debian bullseye-updates main contrib non-free deb-src https://deb.debian.org/debian bullseye-updates main contrib non-free # Stable backports deb https://deb.debian.org/debian bullseye-backports main contrib non-free deb-src https://deb.debian.org/debian bullseye-backports main contrib non-free
stable
, stable-updates
, stable-backports
) because we don't want to have the underlying distribution changed outside of our control when the next stable release comes out.
sources.list
中所列出的第一个会被使用。因此,非官方的软件源一般建议加在文件的末尾处。
security.debian.org
(由 Debian 系统管理员们维护的小范围机器上)。上面的内容包括了那些由为 Debian 安全团队及软件包维护者提供给 稳定版 和 旧的稳定版 的安全更新。
Debian 安全通告
(DSA),并且在 debian-security-announce@lists.debian.org
邮件列表(邮件归档)随着安全更新一起公告。
proposed-updates
仓库中精心挑选的子集。所有更新都会在 debian-stable-announce@lists.debian.org
邮件列表 (archive) 上公布,并且无论如何都会包含在下一个稳定版的小版本更新中。
计划更新
仓库里准备(由稳定版发布管理员监督)。
bullseye-proposed-updates
alias which is both more explicit and more consistent since buster-proposed-updates
also exists (for the Oldstable updates):
deb https://deb.debian.org/debian bullseye-proposed-updates main contrib non-free
stable-backports
仓库存放“软件包的向后移植版本”。该术语指的是一些近期发布的软件针对旧的发行版重新编译的包,这里所指的旧发行版通常是指稳定版(Stable)。
stable-backports
里面的软件向后移植版本通常是源自于不稳定版的。这样能确保一旦下一个稳定的 Debian 版本可用,所有安装的向后移植版本软件都可以升级到相应的稳定版本。
APT
也只会在给出明确指令的情况下安装它们(或者你之前已经安装了对应软件的上一个向后移植版本):
$
sudo apt-get install package/bullseye-backports
$
sudo apt-get install -t bullseye-backports package
sources.list
文件,用于测试版或不稳定版:
例 6.3. Debian 测试版、不稳定版用户的 /etc/apt/sources.list
文件
# Unstable deb https://deb.debian.org/debian unstable main contrib non-free deb-src https://deb.debian.org/debian unstable main contrib non-free # Testing deb https://deb.debian.org/debian testing main contrib non-free deb-src https://deb.debian.org/debian testing main contrib non-free # Testing security updates deb http://security.debian.org/ testing-security main contrib non-free deb-src http://security.debian.org/ testing-security main contrib non-free # Stable deb https://deb.debian.org/debian stable main contrib non-free deb-src https://deb.debian.org/debian stable main contrib non-free # Stable security updates deb http://security.debian.org/ stable-security main contrib non-free deb-src http://security.debian.org/ stable-security main contrib non-free
sources.list
文件,APT 将安装软件包的不稳定版。如果这不是你所期望的,可以用 APT::Default-Release
设置(参见 第 6.2.3 节 “系统升级”)来指明 APT 从另外的版本获取软件包(这个例子中多数会使用测试版)。
sources.list
内,并不表示该软件包可顺利使用,应加入下面这行:
deb https://deb.debian.org/debian experimental main contrib non-free
sources.list
examples in this chapter refer to package repositories hosted on deb.debian.org
. Those URLs will redirect you to servers which are close to you and which are managed by Content Delivery Networks (CDN) whose main role is to store multiple copies of the files across the world, and to deliver them as fast as possible to users. The CDN companies that Debian is working with are Debian partners who are offering their services freely to Debian. While none of those servers are under direct control of Debian, the fact that the whole archive is sealed by GPG signatures makes it a non-issue.
deb.debian.org
的性能不满意的挑剔的用户可以尝试在官方镜像列表中找到更好的镜像:
ftp.country-code.debian.org
(例如ftp.us.debian.org
用于美国,ftp.fr.debian.org
用于法国等),它涵盖了很多国家,并指向某个国家中的一个(或多个)最佳镜像。
httpredir.debian.org
作为 deb.debian.org
的另一个选择。此服务会标识最近的镜像(在广泛镜像列表中,主要使用GeoIP)并重定向APT请求到该镜像。由于可靠性问题此服务已弃用,现在 httpredir.debian.org
提供与 deb.debian.org
相同的基于CDN的服务。
mentors.debian.net
站点比较有意思(虽然它只提供源码包),它搜集Debian开发者候选人员制作的软件包,以及那些希望创建Debian软件包又不想经历成为Debian开发者整套流程的那些志愿者的软件包。这些软件包提供时没有任何质量保证;请确保您在将它们用于生产环境之前检查它们的来源和完整性并进行测试。
sources.list
保持不变,但是 APT 被配置为把它们作为代理使用。
/etc/approx/approx.conf
中:
# <name> <repository-base-url> debian https://deb.debian.org/debian security http://security.debian.org/debian-security
sources.list
文件来指向 approx 服务器:
# Sample sources.list pointing to a local approx server deb http://localhost:9999/security bullseye-security main contrib non-free deb http://localhost:9999/debian bullseye main contrib non-free